• TTA Journal
• /
• s.102
• /
• pp.161-166
• /
• 2005

TTA(한국정보통신기술협회)는 2005년 4월 21일자 산업자원부 고시(제2005-45호)에 따라 대기전력저감프로그램 지정시험기관으로 인정받아 공인인증 시험서비스를 제공하고 있다. 최근 산업자원부는 'Standby Korea 2010'을 발표하면서 전기에너지 저감을 위한 정책 기조를 제시하였다. 이에 발맞춰 TTA는 2005년 11월 KOLAS 시험분야 추가 인증을 시작으로 관련 시험분야의 확대를 추진할 예정이기에 이를 소개하고자 한다.

• Journal of the Korea Institute of Building Construction
• /
• v.3 no.4
• /
• pp.53-55
• /
• 2003

과거의 대학교육이 교수 중심의 공급자 중심이었다고 한다면 미래의 교육은 수요자 중심의 교육, 즉 학생 중심의 교육이 되어야 한다는 논의가 무성하다. 또한 교육과정을 이수하고 졸업한 학생을 채용하는 기업이 바라는 교육의 내용이 무엇인지를 아는 것은 매우 중요하며 공학인증제도의 도입노력과 연관된다. 즉 회사가 채용한 대학 졸업생의 실력을 통하여 대학의 교육성과를 최종수요자인 회사가 평가하여 그 결과를 대학의 교육과정에 피드백하는 것이 공-학인증제도의 취지이다. 그러므로 회사가 원하는 졸업생의 능력을 갖추도록 대학교육의 커리큘럼을 구성하는 것이 바람직하고 그렇지 못한 대학은 채용에 있어서 불이익을 받을 것이다. (중략)

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.2
• /
• pp.105-115
• /
• 2011

User authentication service is an absolutely necessary condition while securely implementing an IT service system. It allows for valid users to securely log-in the system and even to access valid resources from database. For efficiently and securely authenticating users, smart-card has been used as a popular tool because of its convenience and popularity. Furthermore the smart-card can maintain its own power for computation and storage, which makes it easier to be used in all types of authenticating environment that usually needs temporary storage and additional computation for authenticating users and server. First, in 1981, Lamport has designed an authentication service protocol based on user's smart-card. However it has been criticized in aspects of efficiency and security because it uses hash chains and the revealment of server's secret values are not considered. Over the years, many smart-card based authentication service protocol have been designed. Very recently, Xu, Zhu, Feng have suggested a provable and secure smart-card based authentication protocol. In this paper, first, we define all types of attacks in the smart-card based authentication service. According to the defined attacks, however, the protocol by Xu, Zhu, Feng is weak against an attack that an attacker with secret values of server is able to impersonate a valid user without knowing password and secret values of user. An efficient and secure countermeasure is suggested, then the security is analyzed.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.4
• /
• pp.63-72
• /
• 2010

This paper proposes a new authentication protocol for the LR-WPAN. In order to guarantee the reliability and safety of a protocol, this protocol uses the hierarchical authentication approach. In addition, in order to reduce the impact of the denial of service attack, the proposed protocol performs the authentication between a parent router and a joiner device prior to the authentication between a trust center and the joiner device. Moreover, this protocol reduces the authentication delay by decreasing the number of message exchanges during authentication procedure. This paper evaluates the safety of the proposed protocol by the security analysis and reliability of the proposed protocol by the GNY analysis. This paper also compares the number of message exchanges of the ZigBee authentication protocol and the proposed protocol when denial of service attack occurs to evaluate the resistance of the proposed protocol against the denial of service attack. We also analyze the delay for authentication of the joiner device through the implementation of both protocols. Those results show that the proposed protocol effectively protects networks from the denial of service attack and reduces the time for authenticating the joiner device up to maximum 30% as the number of hops increases.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.44 no.10
• /
• pp.127-136
• /
• 2007

It is easy to install and maintain a mobile multi-hop wireless network due to its self-organizing characteristics. However it has security weakness of the authentication of mobile multi-hop relay stations. Specially, the mobile multi-hop relay network in the IEEE 802.16j has the additional security weakness caused by the requirement of backward compatibility for mobile stations of the conventional IEEE 802.16 system. In this paper, we propose a novel mutual authentication scheme applicable to IEEE 802.16j-based mobile multi-hop relay network architecture. The scheme is able to resolve the initial trust gain problem of a multi-hop node at its entry to the network, the problem of rogue mobile multi-hop node and the problem of hop-by-hop authentication between multi-hop nodes. Effectively, the scheme is a hybrid scheme of the distributed authentication method and the centralized authentication method which have been considered to be deployed in the wireless ad-hoc network and the wireless network connected to wired authentication servers, respectively. Also, we analyze the effectiveness of the proposed hybrid authentication method.

• Korean Security Journal
• /
• no.36
• /
• pp.255-292
• /
• 2013

Burglary (also called breaking and entering and sometimes housebreaking) is a crime, the essence of which is illegal entry into a building for the purposes of committing an offence. It is one of the most common types of crime and also a serious issue for every society. A house that is left insecure is an accessible and attractive target for burglars and therefore burglary resistance test & certification system for doors and windows has been developed in many countries. This paper explores several advanced foreign burglary resistance test/certifcation cases (the British SBD, the Dutch KOMO SKH/SKG, the Japanese CP mark, the Australian Standard Certification) for security products and domestic test/certification systems for fire safety products as a comparative study so that any improvement points can be gained for South Korea in the field of security product performance. The comparative analysis results show that South Korea is far behind the security product certification system and needs a lot of improvement in the system by benchmarking foreign cases. The domestic test/certification systems for fire safety products also give some insights for burglary-related security products' performance certification system in Korea. Overall, the need for relevant rules and regulations, the establishment of standards regarding testing and certification, including certified security +hardware product in building security certification system, performance testing as well as production testing (i.e. quality management system evaluation), the basic competency of testers, incentive system for certified/high quality security products were suggested in order to make an optimal model for the security production performance testing and certification system in Korea.

• Journal of Aerospace System Engineering
• /
• v.16 no.3
• /
• pp.23-34
• /
• 2022

Cities around the world are increasing their demand for Urban Air Mobility (UAM) aircraft due to traffic congestion with population concentration. Aircraft with various shapes depending on fixed-wing and propulsion systems, are being prepared for commercialization. Airworthiness certification is required as it is a manned transportation vehicle that flies in the city center and transports people on board. UAM aircraft are vulnerable to lightning and HIRF environments due to the increasing use of composite materials, the use of electric motors, and use of electronic equipment. Currently, the development of certification technology, guidelines, and requirements in lightning and HIRF environments for UAM aircraft is incomplete. In this study, the certification procedures for lightning and HIRF indirect impacts of rotorcraft shown in AC 20-136B and AC 20-158A issued by the Federal Aviation Administration (FAA), were verified and applied to the computerized simulation of UAM aircraft. The impact of lightning and HIRF on ducted fan UAM aircraft was analyzed through computerized simulation, and the basis for establishing practical guidelines for certification of UAM aircraft to be operated in the future is presented.

• Convergence Security Journal
• /
• v.6 no.2
• /
• pp.13-20
• /
• 2006

Since the domestic internet banking environment has established for Microsoft Internet Explorer (IE), the internet banking service is not able to use in the open operating system and web browser such as linux and freeBSD. To solve the :problem, we develop the digital signature system used the seed for the digital payment system in the open software environment. Because the domestic internet banking performs the certificate and digital signature verification through official certificate that the official certificate authority issues, we analyze and develop the verification of validity system for the official certificate. Since the virtual internet banking environment is already established in the web server developing under the self-abilities, the basic internet banking service can be performed installing the certificate in the client which has the mozilla porting the seed. Finally, we can confirm that the certificate and digital signature are performed normally through the experiment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.04a
• /
• pp.764-767
• /
• 2012

홈 네트워크 시스템에서 여러 기업간의 상호 운용 프레임워크를 제공하기 위하여 DLNA(Digital Living Network Alliance)가 결성되었다. DLNA에서는 기기 간 상호운용을 위한 가이드를 제시하여 업체간의 통합을 목표로 한다. DLNA 인증을 받은 제품은 유 무선 통신을 통해 기기 간에 컨텐츠를 공유하는 홈 네트워크 시스템을 제공한다. 하지만, 유 무선 통신으로 컨텐츠를 공유할 때 공유기의 비밀번호를 사용하지 않은 경우, 인증되지 않은 외부 침입자가 사용자의 컨텐츠에 접근할 수 있는 보안 상 취약점이 있다. 본 논문에서는 이러한 취약점을 시나리오로 기술하고, 그에 따른 해결방안을 제안하여 안전한 홈 네트워크 시스템 구축에 도움을 주고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.17-37
• /
• 2003

This paper presents the ASVO (Automation-considered SVO) Logic that can be used for verifying authentication and key distribution protocols. The ASVO logic was designed for automatic verification, in a way to modify the SVO logic, one of the most famous authentication logics. The ASVO logic is syntactically and semantically sound, and requires relatively simple verification steps. Also we implemented the Isabelle/ASVO system which supports semi-automated verification, by using the Isabelle/Isar system.